Magnetic Stripe-Bearing Documents
Magnetic stripe-bearing documents, for example credit cards, banking cards, and debit cards, are used for a growing number of transactions. In this patent application, the term “card” is used to refer to any magnetic stripe-bearing document, and the phrase “credit card transaction” is used to refer to any transaction involving a magnetic stripe-bearing document. The term “card” is further used to refer to cards with security chips. Also he phrase “financial card” is used to refer generally to credit, banking, and debit cards.
In addition, the following terms are defined for use in this patent application:                Magnetic stripe card—a plastified card with a magnetic stripe on the back. It can be used for banking or identification purposes. The magnetic stripe cannot be removed without physically damaging the card, thus becoming an integral part of the card.        Magnetic stripe—a stripe of magnetic material on which data can be digitally or analogically recorded.        Magnetic Stripe ID—A data set (numeric, alphanumeric explicit or coded) that uniquely identifies each magnetic stripe card during the card's life.        Card data—The information recorded on the magnetic stripe. It typically has the bank ID and the account number.        Card—A fully identified and controlled magnetic stripe card.        Card ID—The resulting data set (numeric, alphanumeric explicit or coded) from an algorithm or a mathematical function of the card data and the magnetic stripe ID. It uniquely identifies each card through its life and is defined, stored on a production database and recorded on the magnetic stripe during the card production process.        Valid Card ID—The unique identification of a produced card.        Invalid Card—Any card that does not have a matching unique identification within the a valid cards database, explained below, or calculated from the information recorded on the magnetic stripe.        Live Card—A card in the possession and responsibility of the account holder, which at risk of alteration, stealing and cloning.        Live Cards Database—The universe of valid cards at risk.        POS terminal—Point-of-sale terminal, a device designed to read cards and process the payments made with them.        
The characteristic fingerprint of a banking card is an element that cannot be changed or modified without physically damaging or destroying the card. There are different such elements that can be found in a card such as:                Magnetic stripe—the structure/distribution of the magnetic material molecules of a predefined stripe is unique and characteristic for that stripe, and it can be mapped to a code using a mathematical function over the measurement or detection of one of, or a subset of, the several magnetic field elements of that specific stripe. That is what is called a “Magnetic Stripe ID.”        RFID—Radio frequency identification (RFID) has a manufacturer-implanted code that is unique for that specific device and is usually embedded in the card.        Intelligent Chip—The chips used in banking and prepaid cards also have a manufacturer-implanted code that is unique for that specific device and that cannot be changed without destroying the chip. The chip can be cut out the card and placed on another card or fried on a microwave oven, but then the data on the card and/or the magnetic stripe ID (which is the chip back up) will not match.The Production of Cards        
Magnetic stripe cards are produced in specialized shops. The process starts with the blank magnetic stripe cards, i.e. the magnetic stripe cards with the desired background image of a customer such as a bank.
The production of the magnetic stripe cards might require the use of several steps with different equipment. The produced magnetic stripe cards sometimes are stored before continuing with the card-production process, and all the movements in and out of these secure storage areas must be controlled. In the encoding stage of the process, the magnetic stripe card is converted into a produced card by printing and embossing the information of the account holder and recording the card data on the magnetic stripe of the card. Usually at this stage there is a quality-assurance process or station.
The produced cards are delivered by courier service to the account holder, who visually verifies the card, signs the receipt and signs the card. Then the account holder calls the issuing bank to activate the card. Afterwards, the account owner is ready to use the card to make different payments. When the account owner opens a card account, the name and address as well as the valid signatures and pay conditions are registered at the bank. When the card is subsequently presented for payment, the magnetic stripe is read on the POS terminal, which extracts the data, sends it for validation to the bank, and waits for acceptance or rejection of the payment. If the transaction is accepted, the POS terminal prints a voucher and a copy, and the merchant sees that the voucher is signed with the appropriate signature and then delivers the copy and the purchased goods.
Problem—Card Fraud
Card fraud is a growing problem worldwide. The current increased security measures for preventing such fraud increase the costs of credit card transactions and cause verification-related delays at points of sale that adversely affect both the merchants and the customers. One of the many credit card fraud schemes is “skimming,” where an unauthorized person, typically a dishonest employee of the merchant, steals the information on the magnetic stripe of a customer's credit card and then makes a forged copy of the original card and uses it to generate counterfeit purchases and transactions. Credit card data are gathered by an electronic credit card reader (skimmer). Another form of fraud is stealing the account holder data from statements or through the Internet and then generating a forged banking card with the stolen data.
According to the US Department of Justice and the Nilson Report on consumer-payment systems, in the USA in 2000, 30.4% of the total payments was made with a type of banking card with a total amount of 1.238 trillion dollars and 28.8 billion of transactions. The Nilson Group estimates that this percentage will grow to 48.9% by year 2008 with a total amount of 3.594 trillion dollars and 64.5 billion of transactions. The same report indicates that in 2003 1.728 billion cards were issued in the USA. The 2006 BBB/Javelin survey reported a total of $14.71 billion in credit-card-fraud losses. Visa's global losses are about $2 billion per annum. If this continues at the same rate, fraud will cost $11 per card by 2008.
Prior Solutions
To reduce card fraud, many techniques have been devised for verifying the authenticity of cards. Typically these prior techniques have involved using unique information on the card to determine authenticity. This unique information may be part of the information on the card's magnetic stripe resulting from the card's production, located in the card's “noise” for example. Or it may be added to the card, for example in the form of an ID comprising numeric and/or text identifiers. U.S. Pat. Nos. 6,098,881, 6,431,445, and 6,899,269 for DeLand provide examples of such prior techniques.
However, one reason for the current magnitude of the magnetic stripe card fraud problem in spite of prior solutions is that it is currently impossible to ensure that the unique data on a card come from the magnetic stripe where they were recorded originally when the card was first issued. The skimming method mentioned above provides an example where such unique data can be stolen and forged onto a fraudulent card.
Therefore there is a need for a system and method that ensures that the unique data on a card come from the magnetic stripe where they were recorded originally when the card was first issued.